Email is no longer human-centric; it's an operational fabric where humans and AI interact
In the space of five minutes, a single phishing email can unravel an organisation's defences — credentials stolen, authentication bypassed, persistence established. Barracuda's response to this accelerating reality is a platform that refuses to treat email security as a problem solved at the gate, instead following the threat wherever it travels after delivery. Launched for Microsoft 365 and Google Workspace, Barracuda Integrated Email Protection reflects a broader reckoning in cybersecurity: that the speed of modern attackers has outpaced the old logic of interception, demanding systems that watch, reason, and act across the full arc of an attack.
- Red-team simulations confirmed what defenders feared — a phishing email can cascade into full network compromise within five minutes, making post-delivery detection no longer optional.
- One in seven compromised accounts is now turned against further targets, as attackers automate lateral movement across identities, systems, and data at machine speed.
- Barracuda's new platform deploys AI inside inboxes rather than only at entry points, pulling back delivered messages, rescanning quarantined content, and remediating threats across an entire tenant in a single action.
- Bailey, the platform's AI assistant, explains security decisions in plain language — an acknowledgment that automation without transparency erodes the trust of the security teams it is meant to support.
- The service correlates signals across email, identity, network, and application layers, processing roughly 1.5 billion URLs daily to keep pace with the velocity of modern threats.
A phishing email arrives. Five minutes later, credentials are stolen, multifactor authentication is bypassed, and an attacker has established a foothold on the network. Barracuda's own red-team research demonstrated this sequence is not hypothetical — and that finding reshaped the company's approach to email defence.
The result is Barracuda Integrated Email Protection, a cloud-based service built for Microsoft 365 and Google Workspace. The platform marks a deliberate departure from the decades-old model of stopping threats before they reach users. Attackers have moved on: they now operate through compromised accounts, automated tools, and multi-stage techniques that unfold long after a message lands in an inbox. The initial email is no longer the primary danger — what follows it is.
The service uses artificial intelligence to hunt threats inside inboxes continuously, reassessing messages as new evidence emerges from URLs, identity signals, and telemetry across connected systems. It can remove malicious messages after delivery, pull back already-opened content, consolidate quarantine views across platforms, and remediate threats tenant-wide in one action. An AI assistant named Bailey explains the system's decisions in plain language, preserving human oversight over automated responses.
Barracuda's threat intelligence operation analyses roughly 1.5 billion URLs daily and ingests hundreds of threat feeds across hundreds of thousands of customer environments. The company notes that one in seven compromised accounts is now weaponised to launch further attacks — a figure that illustrates how quickly a single breach multiplies.
Chief executive Rohit Ghai framed the launch around a structural shift: email has become an operational fabric where humans and AI interact, making it a far larger target than it once was. The platform is built on Barracuda's BarracudaONE infrastructure, deploys via API without disrupting mail flow, and supports both single-tenant and multi-tenant environments — a design choice that makes it relevant for managed service providers. In a market where speed and cross-domain visibility increasingly separate adequate security from effective security, Barracuda's wager is that integrated, explainable, post-delivery protection is what organisations actually need.
A phishing email arrives in an inbox. Five minutes later, the attacker has stolen credentials, bypassed multifactor authentication, established persistence on the network, and compromised an endpoint. This is no longer theoretical. Barracuda's own red-team simulation demonstrated it can happen, and the finding has reshaped how the company thinks about email security.
On the back of that research, Barracuda launched Barracuda Integrated Email Protection, a cloud-based security service built for Microsoft 365 and Google Workspace environments. The product represents a fundamental shift in email defense strategy. For decades, the goal was simple: stop bad messages before they reached users. But attackers have moved faster. They now use compromised accounts, automated tools, and multi-stage techniques that unfold after delivery. The real threat is no longer the initial email—it's what happens next.
The new service uses artificial intelligence to hunt threats inside inboxes, not just at the gate. It can detect and remove malicious messages after they arrive, pull back messages that were already delivered, and explain its security decisions in plain language through Bailey, Barracuda's AI assistant. The system operates across what the company calls the full attack lifecycle, continuously reassessing messages as new evidence emerges from URLs, identity signals, and telemetry from connected systems. It consolidates quarantine views across Microsoft 365 and Barracuda's own infrastructure, rescans messages before release, and can remediate threats across an entire tenant in one action.
Barracuda's research underscores why this matters. One in seven compromised accounts is now weaponized to launch further attacks. Threat actors are automating lateral movement across identities, systems, and data. The company's threat intelligence operation analyzes roughly 1.5 billion URLs daily and ingests hundreds of threat feeds, refining detection across hundreds of thousands of customer environments. The velocity and scale of modern email attacks demand a platform that can see across domains—email, identity, network, data, applications—and act on what it finds in real time.
Rohit Ghai, Barracuda's chief executive, framed the launch around a fundamental change in how email functions. "Email is no longer a human-centric communication platform; it's an operational fabric where humans and AI interact, making it a much bigger target," he said. In an era where attackers deploy agents and automation, he argued, security requires continuous visibility and response across the entire attack lifecycle. The product is built on Barracuda's BarracudaONE platform and designed for both single-tenant and multi-tenant deployments, making it relevant for managed service providers handling multiple customer environments.
The architecture uses API-based deployment, avoiding changes to mail exchange records and minimizing disruption to mail flow. Scott Harris, chief information officer at TriRx Pharmaceuticals, a customer, described the service as going beyond stopping attacks at delivery to proactively identifying and removing threats wherever they appear. "These new capabilities set a new standard for modern email security," he said.
Barracuda enters a crowded market. Cloud email security is now a competitive space where vendors distinguish themselves through automation, cross-platform visibility, and post-delivery remediation. But the underlying problem is real: attackers are faster, more automated, and less dependent on a single malicious message to succeed. Organizations using Microsoft 365 or Google Workspace face a choice between point solutions and integrated platforms that can correlate signals across their entire security infrastructure. Barracuda's bet is that the latter approach—one that explains its decisions and lets users control or reverse automated actions—is what security teams actually need.
Citas Notables
Email is no longer a human-centric communication platform; it's an operational fabric where humans and AI interact, making it a much bigger target and amplifying the speed, scale and impact of attacks when threats go undetected.— Rohit Ghai, Chief Executive Officer at Barracuda
Barracuda Email Protection gives us genuine peace of mind in a rapidly evolving threat landscape. It goes beyond stopping attacks at delivery—proactively identifying and removing threats wherever and whenever they appear.— Scott Harris, Chief Information Officer at TriRx Pharmaceuticals
La Conversación del Hearth Otra perspectiva de la historia
Why does it matter that an attack can compromise a system in five minutes? Isn't that just how fast attackers have always been?
The speed matters because it changes where the defense has to happen. If you have five minutes, you can't rely on humans to spot the threat and act. You need systems that detect and respond automatically, across multiple domains, while the attack is still unfolding.
So the old approach—blocking emails before they reach the inbox—doesn't work anymore?
It's not that it doesn't work. It's that it's not enough. Attackers now use compromised accounts, which look legitimate. They use staged techniques that don't trigger on a single message. The real danger emerges after delivery, in the behavior that follows.
What does it mean that one in seven compromised accounts is used to launch further attacks?
It means attackers aren't just stealing credentials for resale. They're using them as springboards. They get into one account, then move laterally to others, to systems, to data. It's a chain reaction, and it happens fast.
How does a product like this actually stop that chain reaction?
By seeing across the whole environment—email, identity, network, data—and correlating signals in real time. If an account suddenly sends emails to unusual recipients, or a user authenticates from a new location after clicking a link, the system flags it, investigates it, and can remediate across the entire tenant in one action.
And the Bailey assistant—why is that important?
Because security teams don't trust black boxes. If an automated system quarantines a message or blocks an action, people need to understand why. Bailey explains the decision in plain language and lets users reverse it if they disagree. That's how you build trust in automation.